Hi,
first of all, I must say I'm not an expert about e-security....
My problem is:
We must store very big documents for about 10 years and our customer
asked us to apply a timestamp over every document.
I've searched over the internet, and it seems that the timestamp on a
non-signed document is pretty useless.
Is this true?
Anyway, if I sign the document, then, what is best:
1) I sign the document, I timestamp the document and then I
create a PKCS#7 containing all them.
Where should I put the timestamp?
2) I sign the document, I create a PKCS#7 and then I timestamp
the PKCS#7 (I save it on an external file)
3) I am completely wrong and I have to do something completely
different?
Many thanks in advance,
Massimiliano Ziccardi
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
